Vulnerabilities > Unlimited Elements > Unlimited Elements FOR Elementor > 1.5.65

DATE	CVE	VULNERABILITY TITLE	RISK
2024-03-27	CVE-2024-29792	Unspecified vulnerability in Unlimited-Elements Unlimited Elements for Elementor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) allows Reflected XSS.This issue affects Unlimited Elements For Elementor (Free Widgets, Addons, Templates): from n/a through 1.5.93. network low complexity unlimited-elements	6.1
2023-12-20	CVE-2023-31231	Unspecified vulnerability in Unlimited-Elements Unlimited Elements for Elementor Unrestricted Upload of File with Dangerous Type vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates).This issue affects Unlimited Elements For Elementor (Free Widgets, Addons, Templates): from n/a through 1.5.65. network low complexity unlimited-elements	6.5
2023-06-17	CVE-2023-3295	Unrestricted Upload of File with Dangerous Type vulnerability in Unlimited-Elements Unlimited Elements for Elementor The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) for WordPress is vulnerable to arbitrary file uploads due to missing file type validation of files in the file manager functionality in versions up to, and including, 1.5.66 . network low complexity unlimited-elements CWE-434	8.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.